The rise in cybersecurity vulnerabilities is alarming! Discover the importance of automated threat intelligence in today's digital landscape.
Read: https://thehackernews.com/2023/09/the-interdependence-between-automated.html
Read: https://thehackernews.com/2023/09/the-interdependence-between-automated.html
π22π₯16π2π1
TikTok faces a whopping β¬345 million fine for mishandling children's data in the E.U.
Default public settings, lack of transparency, and more led to this hefty penalty.
Learn more: https://thehackernews.com/2023/09/tiktok-faces-massive-345-million-fine.html
Default public settings, lack of transparency, and more led to this hefty penalty.
Learn more: https://thehackernews.com/2023/09/tiktok-faces-massive-345-million-fine.html
π68π30π14π₯13π€―6π€4
Major crypto hacks by Lazarus Group: Reports confirm $240M stolen since June 2023, with $31M swiped from CoinEx. Find out how they're shifting their focus.
Read: https://thehackernews.com/2023/09/north-koreas-lazarus-group-suspected-in.html
Read: https://thehackernews.com/2023/09/north-koreas-lazarus-group-suspected-in.html
π34π14π±10π₯9π€―4π3
UNC3944 threat actor now turns to ransomware attacks, targeting critical systems. Understand their tactics, and learn how to protect your organization from this growing danger.
Read: https://thehackernews.com/2023/09/financially-motivated-unc3944-threat.html
Read: https://thehackernews.com/2023/09/financially-motivated-unc3944-threat.html
π16π₯6π€5π3
Software firm Retool suffered a breach with 27 customer accounts hacked after an SMS-based attack.
Google Account sync blamed for the breach, turning multi-factor authentication to single-factor.
Result: $15M in stolen cryptocurrency.
Read: https://thehackernews.com/2023/09/retool-falls-victim-to-sms-based.html
Google Account sync blamed for the breach, turning multi-factor authentication to single-factor.
Result: $15M in stolen cryptocurrency.
Read: https://thehackernews.com/2023/09/retool-falls-victim-to-sms-based.html
π₯24π12π€4π1
Discover the evolution of Android banking trojans - 'Hook' inherits its powers from 'ERMAC.' How does it outperform its predecessor?
Read on: https://thehackernews.com/2023/09/hook-new-android-banking-trojan-that.html
Read on: https://thehackernews.com/2023/09/hook-new-android-banking-trojan-that.html
π€9π6π3
π»π° A new cryptojacking operation, AMBERSQUID, is exploiting uncommon AWS services like AWS Amplify, Fargate, and SageMaker.
Read: https://thehackernews.com/2023/09/new-ambersquid-cryptojacking-operation.html
Learn how they fly under the radar.
Read: https://thehackernews.com/2023/09/new-ambersquid-cryptojacking-operation.html
Learn how they fly under the radar.
π20π8π€―5
π₯ Data Leak Alert!
Microsoft accidentally exposed 38TB of private data, including secrets, keys, passwords, and 30K+ internal Teams messages, on AI #GitHub repository due to a security glitch.
Read more in this article: https://thehackernews.com/2023/09/microsoft-ai-researchers-accidentally.html
Microsoft accidentally exposed 38TB of private data, including secrets, keys, passwords, and 30K+ internal Teams messages, on AI #GitHub repository due to a security glitch.
Read more in this article: https://thehackernews.com/2023/09/microsoft-ai-researchers-accidentally.html
π±65π€―36π30π₯15π12π10π€6β‘5
π’ New Threat Alert β Suspected Pakistani group, Transparent Tribe, evolves tactics! Using fake YouTube apps to spread CapraRAT trojan, targeting Indian entities.
Read: https://thehackernews.com/2023/09/transparent-tribe-uses-fake-youtube.html
Read: https://thehackernews.com/2023/09/transparent-tribe-uses-fake-youtube.html
π25π€―10π7β‘3
Around 12,000 Juniper firewall devices exposed online are vulnerable to a recently disclosed flaw (CVE-2023-36845). This flaw enables unauthenticated code execution without file creation.
Read details: https://thehackernews.com/2023/09/over-12000-juniper-firewalls-found.html
Read details: https://thehackernews.com/2023/09/over-12000-juniper-firewalls-found.html
π19π₯8π3π±2
Earth Lusca, a China-linked group, is using a stealthy Linux backdoor called SprySOCKS to target government entities worldwide.
Learn how they operate: https://thehackernews.com/2023/09/earth-luscas-new-sprysocks-linux.html
Learn how they operate: https://thehackernews.com/2023/09/earth-luscas-new-sprysocks-linux.html
π₯14π5π€5
π¨ Data Security Alert! Did you know 6% of employees paste sensitive data into AI apps weekly? Learn how to prevent data leakage in this upcoming webinar.
Read: https://thehackernews.com/2023/09/live-webinar-overcoming-generative-ai.html
Read: https://thehackernews.com/2023/09/live-webinar-overcoming-generative-ai.html
π14π14π2
Researchers warn of a new sophisticated campaign, Operation Rusty Flag, deploying Rust-based malware in Azerbaijan.
Learn how this advanced attack works: https://thehackernews.com/2023/09/operation-rusty-flag-azerbaijan.html
Learn how this advanced attack works: https://thehackernews.com/2023/09/operation-rusty-flag-azerbaijan.html
π₯13π5π€3
Telecom providers in the Middle East face a stealthy cyber threat called ShroudedSnooper. It uses HTTPSnoop to exploit Windows HTTP kernel drivers.
Learn more: https://thehackernews.com/2023/09/shroudedsnoopers-httpsnoop-backdoor.html
Learn more: https://thehackernews.com/2023/09/shroudedsnoopers-httpsnoop-backdoor.html
π19
π¨π»βπ»πΎ WEBINAR β€ Discover the power of SSPM + ITDR synergy, learn to detect and neutralize hidden SaaS security threats.
Reserve your spot now: https://thehacker.news/itdr-saas
Reserve your spot now: https://thehacker.news/itdr-saas
thehacker.news
Identity Threat Detection and Response (ITDR) β Rips in Your Identity Fabric
Tactics, Techniques, Procedures... Learn how ITDR identifies and mitigates threats with the help of SSPM
π15π7π€3
XWorm, a persistent remote access trojan, has been evolving since 2022. Researchers at AnyRun uncovered its inner workings, including evasion tactics, sandbox detection, and persistence methods.
Learn more: https://thehackernews.com/2023/09/inside-code-of-new-xworm-variant.html
Learn more: https://thehackernews.com/2023/09/inside-code-of-new-xworm-variant.html
β‘13π10π10
Trend Micro releases patches for critical security flaw, CVE-2023-41179, actively exploited in real-world attacks on Apex One and Worry-Free Business Security solutions for Windows.
Read details: https://thehackernews.com/2023/09/trend-micro-releases-urgent-fix-for.html
Read details: https://thehackernews.com/2023/09/trend-micro-releases-urgent-fix-for.html
π7π€3π€―3π1π±1
π¨ Critical Security Alert! GitLab issues patches for CVE-2023-5009, a flaw allowing attackers to run pipelines as other users.
Protect your codeβupdate now: https://thehackernews.com/2023/09/gitlab-releases-urgent-security-patches.html
Protect your codeβupdate now: https://thehackernews.com/2023/09/gitlab-releases-urgent-security-patches.html
π21π₯6π2
π‘οΈ Signal messaging app's latest update adds a quantum-resistant shield. Learn how the PQXDH protocol boosts encryption against future quantum threats.
Details here: https://thehackernews.com/2023/09/signal-messenger-introduces-pqxdh.html
Details here: https://thehackernews.com/2023/09/signal-messenger-introduces-pqxdh.html
π19π€12π₯10β‘5
π¨ Alert: Chinese-language speakers under attack!
Multiple email phishing campaigns are distributing dangerous malware, including ValleyRAT.
Read: http://thehackernews.com/2023/09/sophisticated-phishing-campaign_20.html
Multiple email phishing campaigns are distributing dangerous malware, including ValleyRAT.
Read: http://thehackernews.com/2023/09/sophisticated-phishing-campaign_20.html
π16π₯11
Beware of npm imposters! 14 fraudulent packages found in the registry, posing as legit tools. They aim to steal your Kubernetes configs and SSH keys.
Read: https://thehackernews.com/2023/09/fresh-wave-of-malicious-npm-packages.html
Read: https://thehackernews.com/2023/09/fresh-wave-of-malicious-npm-packages.html
π13π€―6π₯2